sorceress
/
nix-infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to NixOS 23.11

This commit is contained in:
Agatha Lovelace 2023-12-17 21:05:44 +01:00
parent 6e9f48d663
commit 8ece8f92e6
Signed by: sorceress
GPG Key ID: 01D0B3AB10CED4F8
19 changed files with 202 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -45,9 +45,9 @@ Modded minecraft instance rsync modules can be accessed through `mc-[modpack]@bl
### Updating mastodon ### Updating mastodon
```sh ```sh
eval "$(nix build --impure --expr 'let pkgs = import <nixpkgs> { }; in pkgs.callPackage ./update.nix {}' --no-link --print-out-paths)/bin/update.sh --ver <commit hash>" cd common/pkgs/mastodon && ./update.sh --owner AgathaSorceress --rev <commit hash>
``` ```
## Reference configs used ## Reference configs used
- https://github.com/Xe/nixos-configs - https://github.com/Xe/nixos-configs
- https://git.nora.codes/nora/nixconfig - https://git.nora.codes/nora/nixconfig

4
common/fragments/graphical/audio.nix
View File

@ -21,7 +21,7 @@
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.noisetorch}/bin/noisetorch -i -s ${ ExecStart = "${pkgs.noisetorch}/bin/noisetorch -i -s ${
if config.networking.hostName == "tears" then if config.networking.hostName == "tears" then
"alsa_input.usb-BEHRINGER_UMC202HD_192k-00.HiFi__umc202hd_mono_in_U192k_0_0__source" "UMC202HD_Left"
else else
"alsa_input.pci-0000_00_1f.3.analog-stereo" "alsa_input.pci-0000_00_1f.3.analog-stereo"
}"; }";
@ -37,7 +37,7 @@
home-manager.users.agatha = { home-manager.users.agatha = {
services.easyeffects = { services.easyeffects = {
enable = true; enable = false;
preset = "DT-770-flat-eq"; preset = "DT-770-flat-eq";
}; };

13
common/fragments/graphical/default.nix
View File

@ -55,7 +55,7 @@
nitrogen nitrogen
nmap nmap
obs-studio obs-studio
unstable.obsidian obsidian
pfetch pfetch
polybar-spotify polybar-spotify
pridefetch pridefetch
@ -70,6 +70,9 @@
yubioath-flutter yubioath-flutter
]; ];
# blame Obsidian
nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ];
# Brightness/volume keys # Brightness/volume keys
users.users.agatha.extraGroups = [ "video" ]; users.users.agatha.extraGroups = [ "video" ];
@ -203,22 +206,20 @@
xdg = { xdg = {
portal = { portal = {
enable = true; enable = true;
extraPortals = with pkgs; [ config.common.default = "*";
xdg-desktop-portal-wlr
xdg-desktop-portal-gtk
];
wlr.enable = true; wlr.enable = true;
}; };
}; };
fonts.fontconfig.enable = true; fonts.fontconfig.enable = true;
fonts.fontDir.enable = true; fonts.fontDir.enable = true;
fonts.fonts = with pkgs; [ fonts.packages = with pkgs; [
(nerdfonts.override { fonts = [ "DaddyTimeMono" "NerdFontsSymbolsOnly" ]; }) (nerdfonts.override { fonts = [ "DaddyTimeMono" "NerdFontsSymbolsOnly" ]; })
cantarell-fonts cantarell-fonts
cm_unicode cm_unicode
corefonts corefonts
crimson crimson
crimson-pro
dejavu_fonts dejavu_fonts
fira-code fira-code
fira-code-symbols fira-code-symbols

12
common/fragments/graphical/iosevka.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, ... }: { {
# Iosevka Gothic # Iosevka Gothic
nixpkgs.overlays = [ nixpkgs.overlays = [
(final: prev: { (final: prev: {
@ -25,24 +25,24 @@
capital-h = "serifed" capital-h = "serifed"
capital-i = "serifed" capital-i = "serifed"
capital-q = "crossing" capital-q = "crossing"
capital-r = "standing" capital-r = "standing-serifed"
f = "tailed" f = "tailed"
l = "tailed-serifed" l = "tailed-serifed"
z = "cursive" z = "cursive"
long-s = "bent-hook-tailed" long-s = "bent-hook-tailed"
eszet = "sulzbacher-descending" eszet = "sulzbacher-descending-serifless"
lower-mu = "tailed" lower-mu = "tailed-serifed"
lower-xi = "flat-top" lower-xi = "flat-top"
three = "flat-top" three = "flat-top"
six = "straight-bar" six = "straight-bar"
asterisk = "flip-penta-high" asterisk = "turn-penta-high"
pilcrow = "high" pilcrow = "high"
caret = "medium" caret = "medium"
paren = "normal" paren = "normal"
brace = "curly-flat-boundary" brace = "curly-flat-boundary"
number-sign = "upright" number-sign = "upright"
ampersand = "closed" ampersand = "closed"
at = "short" at = "compact"
lig-ltgteq = "slanted" lig-ltgteq = "slanted"
ascii-single-quote = "raised-comma" ascii-single-quote = "raised-comma"
ascii-grave = "straight" ascii-grave = "straight"

1
common/fragments/graphical/lockscreen.nix
View File

@ -3,7 +3,6 @@
# Lockscreen # Lockscreen
services.betterlockscreen = { services.betterlockscreen = {
enable = true; enable = true;
package = pkgs.unstable.betterlockscreen;
arguments = [ "dimblur" ]; arguments = [ "dimblur" ];
}; };

3
common/fragments/graphical/polybar.nix
View File

@ -188,7 +188,8 @@
format-prefix-foreground = "\${colors.foreground-alt}"; format-prefix-foreground = "\${colors.foreground-alt}";
label = '' label = ''
%{A3:${pkgs.dunst}/bin/dunstify ' Calendar' "$(${pkgs.util-linux}/bin/cal --color=always | ${pkgs.gnused}/bin/sed "s#\\x1b\\[7m#<b>#;s#\\x1b\\[27m#</b>#g")":}%date%%{A} %time%''; %{A3:${pkgs.dunst}/bin/dunstify ' Calendar' "$(${pkgs.util-linux}/bin/cal --color=always | ${pkgs.sd}/bin/sd '\\x1b\[7m' '<b>' | ${pkgs.sd}/bin/sd '\\x1b\[0m' '</b>')":}%date%%{A} %time%
'';
}; };
"module/filesystem" = { "module/filesystem" = {

1
common/fragments/graphical/spotify.nix
View File

@ -1,6 +1,7 @@
{ pkgs, ... }: { { pkgs, ... }: {
programs.spicetify = with pkgs.spicetify-pkgs; { programs.spicetify = with pkgs.spicetify-pkgs; {
enable = true; enable = true;
spicetifyPackage = pkgs.unstable.spicetify-cli;
enabledExtensions = with extensions; [ shuffle ]; enabledExtensions = with extensions; [ shuffle ];
enabledCustomApps = with apps; [ marketplace lyrics-plus ]; enabledCustomApps = with apps; [ marketplace lyrics-plus ];

1
common/fragments/mastodon.nix
View File

@ -9,6 +9,7 @@
smtp.fromAddress = "noreply@technogothic.net"; smtp.fromAddress = "noreply@technogothic.net";
smtp.createLocally = false; smtp.createLocally = false;
database.passwordFile = "/var/lib/mastodon/secrets/db-password"; database.passwordFile = "/var/lib/mastodon/secrets/db-password";
streamingProcesses = 4;
elasticsearch = { elasticsearch = {
host = "127.0.0.1"; host = "127.0.0.1";
inherit (config.services.elasticsearch) port; inherit (config.services.elasticsearch) port;

5
common/fragments/restic.nix
View File

@ -1,7 +1,4 @@
{ config, pkgs, ... }: { { config, ... }: {
nixpkgs.overlays = [ (final: prev: { restic = pkgs.unstable.restic; }) ];
environment.systemPackages = [ pkgs.restic ];
services.restic.backups.${config.networking.hostName} = { services.restic.backups.${config.networking.hostName} = {
initialize = true; initialize = true;

2
common/pkgs/bspm.nix
View File

@ -10,7 +10,7 @@ pkgs.buildGoModule rec {
sha256 = "sha256-ocnvTUANmJ6186Dktr5GaotbkZKZymKiIHICgTIRtjc="; sha256 = "sha256-ocnvTUANmJ6186Dktr5GaotbkZKZymKiIHICgTIRtjc=";
}; };
vendorSha256 = "sha256-Oj6i4/K0LAubu2aSoXcC6bZtTp8/N0cbvG+KWjA5/nw="; vendorHash = "sha256-Oj6i4/K0LAubu2aSoXcC6bZtTp8/N0cbvG+KWjA5/nw=";
doCheck = false; doCheck = false;

44
common/pkgs/mastodon/default.nix
View File

@ -1,26 +1,21 @@
{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, bundlerEnv { lib, stdenv, nodejs-slim, bundlerEnv, nixosTests, yarn, callPackage
, nixosTests, yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0 , imagemagick, ffmpeg, file, ruby, writeShellScript, fetchYarnDeps
, writeShellScript, fetchYarnDeps, fixup_yarn_lock, brotli , fixup_yarn_lock, brotli
# Allow building a fork or custom version of Mastodon: # Allow building a fork or custom version of Mastodon:
, pname ? "mastodon", version ? import ./version.nix, srcOverride ? null , pname ? "mastodon", version ? srcOverride.version, patches ? [ ]
, dependenciesDir ? ./. # Should contain gemset.nix, yarn.nix and package.json. # src is a package
}: , srcOverride ? callPackage ./source.nix { inherit patches; }
, gemset ? ./. + "/gemset.nix", yarnHash ? srcOverride.yarnHash }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
inherit pname version; inherit pname version;
# Using overrideAttrs on src does not build the gems and modules with the overridden src. src = srcOverride;
# Putting the callPackage up in the arguments list also does not work.
src =
if srcOverride != null then srcOverride else callPackage ./source.nix { };
mastodonGems = bundlerEnv { mastodonGems = bundlerEnv {
name = "${pname}-gems-${version}"; name = "${pname}-gems-${version}";
inherit version; inherit version gemset ruby;
ruby = ruby_3_0;
gemdir = src; gemdir = src;
gemset = dependenciesDir + "/gemset.nix";
# This fix (copied from https://github.com/NixOS/nixpkgs/pull/76765) replaces the gem # This fix (copied from https://github.com/NixOS/nixpkgs/pull/76765) replaces the gem
# symlinks with directories, resolving this error when running rake: # symlinks with directories, resolving this error when running rake:
# /nix/store/451rhxkggw53h7253izpbq55nrhs7iv0-mastodon-gems-3.0.1/lib/ruby/gems/2.6.0/gems/bundler-1.17.3/lib/bundler/settings.rb:6:in `<module:Bundler>': uninitialized constant Bundler::Settings (NameError) # /nix/store/451rhxkggw53h7253izpbq55nrhs7iv0-mastodon-gems-3.0.1/lib/ruby/gems/2.6.0/gems/bundler-1.17.3/lib/bundler/settings.rb:6:in `<module:Bundler>': uninitialized constant Bundler::Settings (NameError)
@ -41,7 +36,7 @@ stdenv.mkDerivation rec {
yarnOfflineCache = fetchYarnDeps { yarnOfflineCache = fetchYarnDeps {
yarnLock = "${src}/yarn.lock"; yarnLock = "${src}/yarn.lock";
sha256 = "sha256-WsPNqV1PC2YjL37qnWfRTj8LaIBUI7+C0cWTfFd7HGo="; hash = yarnHash;
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@ -57,6 +52,8 @@ stdenv.mkDerivation rec {
NODE_ENV = "production"; NODE_ENV = "production";
buildPhase = '' buildPhase = ''
runHook preBuild
export HOME=$PWD export HOME=$PWD
# This option is needed for openssl-3 compatibility # This option is needed for openssl-3 compatibility
# Otherwise we encounter this upstream issue: https://github.com/mastodon/mastodon/issues/17924 # Otherwise we encounter this upstream issue: https://github.com/mastodon/mastodon/issues/17924
@ -84,13 +81,19 @@ stdenv.mkDerivation rec {
brotli --best --keep ~/public/packs/report.html brotli --best --keep ~/public/packs/report.html
find ~/public/assets -type f -regextype posix-extended -iregex '.*\.(css|js|json|html)' \ find ~/public/assets -type f -regextype posix-extended -iregex '.*\.(css|js|json|html)' \
-exec brotli --best --keep {} ';' -exec brotli --best --keep {} ';'
runHook postBuild
''; '';
installPhase = '' installPhase = ''
runHook preInstall
mkdir -p $out/public mkdir -p $out/public
cp -r node_modules $out/node_modules cp -r node_modules $out/node_modules
cp -r public/assets $out/public cp -r public/assets $out/public
cp -r public/packs $out/public cp -r public/packs $out/public
runHook postInstall
''; '';
}; };
@ -98,6 +101,8 @@ stdenv.mkDerivation rec {
buildInputs = [ mastodonGems nodejs-slim ]; buildInputs = [ mastodonGems nodejs-slim ];
buildPhase = '' buildPhase = ''
runHook preBuild
ln -s $mastodonModules/node_modules node_modules ln -s $mastodonModules/node_modules node_modules
ln -s $mastodonModules/public/assets public/assets ln -s $mastodonModules/public/assets public/assets
ln -s $mastodonModules/public/packs public/packs ln -s $mastodonModules/public/packs public/packs
@ -130,6 +135,8 @@ stdenv.mkDerivation rec {
rm -rf log rm -rf log
ln -s /var/log/mastodon log ln -s /var/log/mastodon log
ln -s /tmp tmp ln -s /tmp tmp
runHook postBuild
''; '';
installPhase = let installPhase = let
@ -138,14 +145,19 @@ stdenv.mkDerivation rec {
${nodejs-slim}/bin/node ./streaming ${nodejs-slim}/bin/node ./streaming
''; '';
in '' in ''
runHook preInstall
mkdir -p $out mkdir -p $out
cp -r * $out/ cp -r * $out/
ln -s ${run-streaming} $out/run-streaming.sh ln -s ${run-streaming} $out/run-streaming.sh
runHook postInstall
''; '';
passthru = { passthru = {
tests.mastodon = nixosTests.mastodon; tests.mastodon = nixosTests.mastodon;
updateScript = callPackage ./update.nix { }; # run with: nix-shell ./maintainers/scripts/update.nix --argstr package mastodon
updateScript = ./update.sh;
}; };
meta = with lib; { meta = with lib; {

25
common/pkgs/mastodon/source.nix
View File

@ -1,11 +1,18 @@
# This file was generated by pkgs.mastodon.updateScript. # This file was generated by pkgs.mastodon.updateScript.
{ fetchgit, applyPatches }: let { fetchFromGitHub, applyPatches, patches ? [] }:
src = fetchgit { let
url = "https://github.com/AgathaSorceress/mastodon.git"; version = "8fbaf6711d6d33de2fcc62888a7109993a5c8f24";
rev = "8fbaf6711d6d33de2fcc62888a7109993a5c8f24"; in
sha256 = "1y2lv9fib3rasqdd1b7xi9q1chsk2d98hm3lmgg9grsy4f0nwn81"; (
}; applyPatches {
in applyPatches { src = fetchFromGitHub {
inherit src; owner = "AgathaSorceress";
patches = []; repo = "mastodon";
rev = "${version}";
hash = "sha256-AVlugSNe55feq3RUiFITU0MWcIr9rNAa1iqPFV3aVPg=";
};
patches = patches ++ [];
}) // {
inherit version;
yarnHash = "sha256-WsPNqV1PC2YjL37qnWfRTj8LaIBUI7+C0cWTfFd7HGo=";
} }

27
common/pkgs/mastodon/update.nix
View File

@ -1,27 +0,0 @@
{ pkgs }:
let
binPath = with pkgs;
lib.makeBinPath [
yarn2nix
bundix
coreutils
diffutils
nix-prefetch-git
gnused
jq
];
in pkgs.runCommand "mastodon-update-script" {
nativeBuildInputs = [ pkgs.makeWrapper ];
meta = {
maintainers = with pkgs.lib.maintainers; [ happy-river ];
description =
"Utility to generate Nix expressions for Mastodon's dependencies";
platforms = pkgs.lib.platforms.unix;
};
} ''
mkdir -p $out/bin
cp ${./update.sh} $out/bin/update.sh
patchShebangs $out/bin/update.sh
wrapProgram $out/bin/update.sh --prefix PATH : ${binPath}
''

80
common/pkgs/mastodon/update.sh
View File

@ -1,20 +1,22 @@
#!/usr/bin/env bash #!/usr/bin/env nix-shell
#! nix-shell -i bash -p bundix coreutils diffutils nix-prefetch-github gnused jq prefetch-yarn-deps
set -e set -e
URL=https://github.com/AgathaSorceress/mastodon.git OWNER=mastodon
REPO=mastodon
POSITIONAL=() POSITIONAL=()
while [[ $# -gt 0 ]]; do while [[ $# -gt 0 ]]; do
key="$1" key="$1"
case $key in case $key in
--url) --owner)
URL="$2" OWNER="$2"
shift # past argument shift # past argument
shift # past value shift # past value
;; ;;
--ver) --repo)
VERSION="$2" REPO="$2"
shift # past argument shift # past argument
shift # past value shift # past value
;; ;;
@ -35,29 +37,21 @@ while [[ $# -gt 0 ]]; do
esac esac
done done
if [[ -z "$VERSION" || -n "$POSITIONAL" ]]; then if [[ -n "$POSITIONAL" ]]; then
echo "Usage: update.sh [--url URL] --ver VERSION [--rev REVISION] [--patches PATCHES]" echo "Usage: update.sh [--owner OWNER] [--repo REPO] [--rev REVISION] [--patches PATCHES]"
echo "URL may be any path acceptable to 'git clone' and VERSION the" echo "OWNER and REPO must be paths on github."
echo "semantic version number. If VERSION is not a revision acceptable to" echo "If OWNER and REPO are not provided, it defaults they default to mastodon and mastodon."
echo "'git checkout', you must provide one in REVISION. If URL is not" echo "PATCHES, if provided, should be one or more Nix expressions separated by spaces."
echo "provided, it defaults to https://github.com/mastodon/mastodon.git."
echo "PATCHES, if provided, should be one or more Nix expressions"
echo "separated by spaces."
exit 1 exit 1
fi fi
if [[ -z "$REVISION" ]]; then rm -f gemset.nix source.nix
REVISION="$VERSION" cd "$(dirname "${BASH_SOURCE[0]}")" || exit 1
fi
rm -f gemset.nix version.nix source.nix
TARGET_DIR="$PWD"
WORK_DIR=$(mktemp -d) WORK_DIR=$(mktemp -d)
# Check that working directory was created. # Check that working directory was created.
if [[ ! "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then if [[ -z "$WORK_DIR" || ! -d "$WORK_DIR" ]]; then
echo "Could not create temporary directory" echo "Could not create temporary directory"
exit 1 exit 1
fi fi
@ -70,29 +64,37 @@ function cleanup {
} }
trap cleanup EXIT trap cleanup EXIT
echo "Fetching source code $REVISION from $URL" echo "Fetching source code $REVISION"
JSON=$(nix-prefetch-git --url "$URL" --rev "$REVISION" 2> $WORK_DIR/nix-prefetch-git.out) JSON=$(nix-prefetch-github "$OWNER" "$REPO" --rev "$REVISION" 2> $WORK_DIR/nix-prefetch-git.out)
SHA=$(echo $JSON | jq -r .sha256) HASH=$(echo "$JSON" | jq -r .hash)
FETCHED_SOURCE_DIR=$(grep '^path is' $WORK_DIR/nix-prefetch-git.out | sed 's/^path is //')
echo "Creating version.nix"
echo \"$VERSION\" | sed 's/^"v/"/' > version.nix
cat > source.nix << EOF cat > source.nix << EOF
# This file was generated by pkgs.mastodon.updateScript. # This file was generated by pkgs.mastodon.updateScript.
{ fetchgit, applyPatches }: let { fetchFromGitHub, applyPatches, patches ? [] }:
src = fetchgit { let
url = "$URL"; version = "$REVISION";
rev = "$REVISION"; in
sha256 = "$SHA"; (
}; applyPatches {
in applyPatches { src = fetchFromGitHub {
inherit src; owner = "$OWNER";
patches = [$PATCHES]; repo = "$REPO";
rev = "\${version}";
hash = "$HASH";
};
patches = patches ++ [$PATCHES];
}) // {
inherit version;
yarnHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
} }
EOF EOF
SOURCE_DIR="$(nix-build --no-out-link -E '(import <nixpkgs> {}).callPackage ./source.nix {}')" SOURCE_DIR="$(nix-build --no-out-link -E '(import <nixpkgs> {}).callPackage ./source.nix {}')"
echo "Creating gemset.nix" echo "Creating gemset.nix"
bundix --lockfile="$SOURCE_DIR/Gemfile.lock" --gemfile="$SOURCE_DIR/Gemfile" bundix --lockfile="$SOURCE_DIR/Gemfile.lock" --gemfile="$SOURCE_DIR/Gemfile"
echo "" >> $TARGET_DIR/gemset.nix # Create trailing newline to please EditorConfig checks echo "" >> gemset.nix # Create trailing newline to please EditorConfig checks
echo "Creating yarn-hash.nix"
YARN_HASH="$(prefetch-yarn-deps "$SOURCE_DIR/yarn.lock")"
YARN_HASH="$(nix hash to-sri --type sha256 "$YARN_HASH")"
sed -i "s/sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=/$YARN_HASH/g" source.nix

1
common/pkgs/mastodon/version.nix
View File

@ -1 +0,0 @@
"8fbaf6711d6d33de2fcc62888a7109993a5c8f24"

85
flake.lock
View File

@ -53,11 +53,11 @@
"utils": "utils_2" "utils": "utils_2"
}, },
"locked": { "locked": {
"lastModified": 1696800008, "lastModified": 1700940986,
"narHash": "sha256-dQ2Xf1K5qH18J7h3pzx4ffp6n1nwN+2L8jv6OBXPLzQ=", "narHash": "sha256-+7eo8Y0YkuQeGDIHtEGPpoJQNGSxpzkg4UPR63xJiss=",
"owner": "AgathaSorceress", "owner": "AgathaSorceress",
"repo": "colorpickle", "repo": "colorpickle",
"rev": "a1a21aebbc9b9716136ab9cc6f77bf5346f8e7ba", "rev": "61c77e71b5586412b6deecc2389fc39072e4b60f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -68,26 +68,17 @@
}, },
"crane": { "crane": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": [
"helix",
"flake-utils"
],
"nixpkgs": [ "nixpkgs": [
"helix", "helix",
"nixpkgs" "nixpkgs"
],
"rust-overlay": [
"helix",
"rust-overlay"
] ]
}, },
"locked": { "locked": {
"lastModified": 1688772518, "lastModified": 1701025348,
"narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=", "narHash": "sha256-42GHmYH+GF7VjwGSt+fVT1CQuNpGanJbNgVHTAZppUM=",
"owner": "ipetkov", "owner": "ipetkov",
"repo": "crane", "repo": "crane",
"rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e", "rev": "42afaeb1a0325194a7cdb526332d2cb92fddd07b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -113,22 +104,6 @@
} }
}, },
"flake-compat_2": { "flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1668681692, "lastModified": 1668681692,
@ -164,11 +139,11 @@
"systems": "systems_4" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1689068808, "lastModified": 1694529238,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -242,11 +217,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1699520217, "lastModified": 1702485432,
"narHash": "sha256-+b4R/GUQrRBGGpmDXna8w28ueeK7FhIYhQTSHqFJuqo=", "narHash": "sha256-3wcT7NGgH1Du9w+acJEnrorr49g2c2040m00FNNFLWs=",
"owner": "helix-editor", "owner": "helix-editor",
"repo": "helix", "repo": "helix",
"rev": "6ab774da0b473c36a437d90abcdac3558353d32e", "rev": "7c55190806f31595e18da2b56c8ca54d8f5b33b7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -262,16 +237,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1695108154, "lastModified": 1702195709,
"narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=", "narHash": "sha256-+zRjWkm5rKqQ57PuLZ3JF3xi3vPMiOJzItb1m/43Cq4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "07682fff75d41f18327a871088d20af2710d4744", "rev": "6761b8188b860f374b457eddfdb05c82eef9752f",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-23.05", "ref": "release-23.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@ -316,7 +291,7 @@
}, },
"mms": { "mms": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"nix": "nix", "nix": "nix",
"nixpkgs": [ "nixpkgs": [
@ -465,11 +440,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1699343069, "lastModified": 1702272962,
"narHash": "sha256-s7BBhyLA6MI6FuJgs4F/SgpntHBzz40/qV0xLPW6A1Q=", "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ec750fd01963ab6b20ee1f0cb488754e8036d89d", "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -524,16 +499,16 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1699291058, "lastModified": 1702346276,
"narHash": "sha256-5ggduoaAMPHUy4riL+OrlAZE14Kh7JWX4oLEs22ZqfU=", "narHash": "sha256-eAQgwIWApFQ40ipeOjVSoK4TEHVd6nbSd9fApiHIw5A=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "41de143fda10e33be0f47eab2bfe08a50f234267", "rev": "cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "id": "nixpkgs",
"ref": "nixos-23.05", "ref": "nixos-23.11",
"type": "indirect" "type": "indirect"
} }
}, },
@ -596,11 +571,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1690424156, "lastModified": 1701137803,
"narHash": "sha256-Bpml+L280tHTQpwpC5/BJbU4HSvEzMvW8IZ4gAXimhE=", "narHash": "sha256-0LcPAdql5IhQSUXJx3Zna0dYTgdIoYO7zUrsKgiBd04=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "f335a0213504c7e6481c359dc1009be9cf34432c", "rev": "9dd940c967502f844eacea52a61e9596268d4f70",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -617,11 +592,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1699469086, "lastModified": 1699986787,
"narHash": "sha256-FC350WZKaTh+b0c3THfrJW9WNu1Y0oC9Y9F5z32gIFk=", "narHash": "sha256-eYlLWibKtHN/uWJQLzOMRXpoTbO6VcFTfVY4dpgdJcQ=",
"owner": "the-argus", "owner": "the-argus",
"repo": "spicetify-nix", "repo": "spicetify-nix",
"rev": "f395fe14de6d934159d3aa5cc904bbb41f1ea053", "rev": "3c702af1f717b7876fac08809201b1368d0d956c",
"type": "github" "type": "github"
}, },
"original": { "original": {

7
flake.nix
View File

@ -1,12 +1,12 @@
{ {
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-23.05"; nixpkgs.url = "nixpkgs/nixos-23.11";
nixpkgs-unstable.url = "nixpkgs/nixpkgs-unstable"; nixpkgs-unstable.url = "nixpkgs/nixpkgs-unstable";
vampysite.url = "git+https://git.lain.faith/sorceress/vampysite"; vampysite.url = "git+https://git.lain.faith/sorceress/vampysite";
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-23.05"; url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
@ -130,11 +130,8 @@
./hosts/bloodletting/configuration.nix ./hosts/bloodletting/configuration.nix
(import "${home-manager}/nixos") (import "${home-manager}/nixos")
mms.module mms.module
"${nixpkgs-unstable}/nixos/modules/services/web-apps/mastodon.nix"
]; ];
disabledModules = [ "services/web-apps/mastodon.nix" ];
deployment = { deployment = {
targetUser = "root"; targetUser = "root";
targetHost = "bloodletting"; targetHost = "bloodletting";

25
hosts/bloodletting/configuration.nix
View File

@ -1,4 +1,4 @@
{ config, pkgs, ... }: { { config, pkgs, lib, ... }: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
../../common/users/julia.nix ../../common/users/julia.nix
@ -114,6 +114,18 @@
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
upstreams = {
"backend-mastodon-streaming" = {
servers = builtins.listToAttrs (map (i: {
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
value = { fail_timeout = "0"; };
}) (lib.range 1 config.services.mastodon.streamingProcesses));
extraConfig = ''
least_conn;
'';
};
};
virtualHosts."technogothic.net" = { virtualHosts."technogothic.net" = {
useACMEHost = "technogothic.net"; useACMEHost = "technogothic.net";
forceSSL = true; forceSSL = true;
@ -202,9 +214,16 @@
proxyWebsockets = true; proxyWebsockets = true;
}; };
locations."/api/v1/streaming/" = { locations."^~ /api/v1/streaming/" = {
proxyPass = "http://unix:/run/mastodon-streaming/streaming.socket"; proxyPass = "http://backend-mastodon-streaming/";
proxyWebsockets = true; proxyWebsockets = true;
priority = 2300;
extraConfig = ''
proxy_buffering off;
proxy_redirect off;
tcp_nodelay on;
'';
}; };
extraConfig = "client_max_body_size 64M;"; extraConfig = "client_max_body_size 64M;";

40
hosts/tears/hardware-configuration.nix
View File

@ -53,4 +53,44 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware; lib.mkDefault config.hardware.enableRedistributableFirmware;
# Workaround for UMC202HD only exposing a single stereo input
environment.etc."pipewire/pipewire.conf.d/91-umc202hd.conf".text = ''
context.modules = [
{ name = libpipewire-module-loopback
args = {
node.description = "UMC202HD Left Input Mono"
capture.props = {
node.name = "capture.UMC202HD_Left"
audio.position = [ AUX0 ]
stream.dont-remix = true
target.object = "alsa_input.usb-BEHRINGER_UMC202HD_192k-00.analog-stereo"
node.passive = true
}
playback.props = {
node.name = "UMC202HD_Left"
media.class = "Audio/Source"
audio.position = [ MONO ]
}
}
}
{ name = libpipewire-module-loopback
args = {
node.description = "UMC202HD Right Input Mono"
capture.props = {
node.name = "capture.UMC_202HD_Right"
audio.position = [ AUX1 ]
stream.dont-remix = true
target.object = "alsa_input.usb-BEHRINGER_UMC202HD_192k-00.analog-stereo"
node.passive = true
}
playback.props = {
node.name = "UMC202HD_Right"
media.class = "Audio/Source"
audio.position = [ MONO ]
}
}
}
]
'';
} }